STIGQter STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 1 Release: 17 Benchmark Date: 24 Jan 2020: The DBMS must alert designated organizational officials in the event of an audit processing failure.

DISA Rule

SV-66383r2_rule

Vulnerability Number

V-52167

Group Title

SRG-APP-000108-DB-000048

Rule Version

O112-C2-008500

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Modify OS or third-party logging application settings to alert designated organizational personnel when auditing fails for any reason.

If Oracle Enterprise Manager is in use, the capability to issue such an alert is built in and configurable via the console so an alert can be sent to a designated administrator.

Check Contents

Review OS or third-party logging application settings to determine whether an alert will be sent to the designated organizational personnel when auditing fails for any reason. If no alert will be sent, this is a finding.

Vulnerability Number

V-52167

Documentable

False

Rule Version

O112-C2-008500

Severity Override Guidance

Review OS or third-party logging application settings to determine whether an alert will be sent to the designated organizational personnel when auditing fails for any reason. If no alert will be sent, this is a finding.

Check Content Reference

M

Target Key

2669

Comments